Analyst finds flaws in Canon image verification system

A system used to digitally sign Canon photos for use as evidence has major flaws, according to a Russian company

Jeremy Kirk (IDG News Service)
01 December, 2010 04:09
Comments

A cryptographic system used by Canon to ensure that digital images haven't been altered is flawed and can't be fixed, according to a Russian security company that specializes in encryption.

Mid- to high-end Canon digital cameras have a feature called "Original Decision Data" (ODD), which is a digital signature that can be verified to see if a photo has been retouched or if data such as timestamps or GPS coordinates have been changed. The Associated Press news wire uses the system, which can also be used to verify photos used as evidence.

But the digital signature can be forged due to design flaws in Canon's system, according to Dmitry Sklyarov, an IT security analyst with Elcomsoft, which specializes in password recover systems. Sklyarov was due to give a presentation on the flaws at the Confidence IT security event in Prague on Tuesday afternoon.

Elcomsoft has published photos -- including one with an astronaut planting the flag of the Soviet Union on the moon -- that, if checked using a smart card and special software from Canon, confirm that the photo has not been tampered with.

Elcomsoft shared a copy of Sklyarov's presentation, which hasn't been released publicly, with IDG News Service. In it, he describes how one component, the Hash-based Message Authentication Code (HMAC), which is used to calculate the ODD, can be extracted from the memory of several different Canon camera models.

In Canon's second version of its ODD system, the HMAC code is 256 bits. The code is the same for all cameras of the same model. Knowing the HMAC code for one particular model allows the ODD to be forged for any camera within that model range, Sklyarov wrote.

The problem is that the HMAC sits in the camera's RAM in a de-obfuscated form and can be extracted, according to Sklyarov. It is also possible to extract the HMAC from the camera's Flash ROM and manually de-obfuscate it. Canon also released a third version of ODD, which Sklyarov was also able to break and forge the ODD. Elcomsoft has written a program that can analyze a camera's processor and firmware.

The problem is a design flaw and can't be fixed, according to Elcomsoft. Sklyarov said he was able to extract the HMAC keys for the following models: EOS 20D, EOS 5D, EOS 30D, EOS 40D, EOS 450D, EOS 1000D, EOS 50D, EOS 5D Mark II, EOS 500D and EOS 7D.

With future models, Sklyarov wrote that Canon could implement an HMAC calculation in a cryptoprocessor that does not expose it. Also, Canon should prevent its cameras from running non-Canon code to avoid the use of software tools by an attacker.

Elcomsoft made several attempts about three months ago to notify Canon of the problem with no response, said Katerina Korolkova, an Elcomsoft spokeswoman. A senior manager in Canon's technical department finally acknowledged receipt of the issue.

"We have provided them all of our technical findings," she said.

Elcomsoft told Canon it planned to release details of the problem, and the company has also notified the U.S. Computer Emergency Response Team, Korolkova said. Elcomsoft plans to release Sklyarov's full presentation on its website in about two weeks.

The design flaws could allow defense attorneys to challenge photographic evidence as details of the flaws are revealed and possibly applied.

"If defense teams raise concerns about the veracity of images or of any evidence, then the court would hear legal argument on the issue and make their decision," according to a spokeswoman for the U.K.'s Crown Prosecution Service.

Canon officials were not immediately available for comment on Tuesday.

Recommended

BT Financial embraces BI to better understand customers

eBay bids on big data challenge

More Australians are using mobiles to connect to ...

CMO

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Bookmark this page

Share this article

facebook

slashdot

digg

Reddit

stumbleupon

linkedin

twitter

Got more on this story? Email CIO

Follow CIO on twitter

More about: Canon, Computer Emergency Response Team, IDG

References show all

Dmitry Sklyarov « 201002 CONFidence – Prague

Comments are now closed.

Share

Share this article1

google+

facebook facebook

slashdot slashdot

digg digg

Reddit Reddit

stumbleupon stumbleupon

linkedin linkedin

twitter twitter

print

email

Bookmark

Related Coverage

Blue Coat Systems to acquire security analytics firm Solera Networks

New Citadel malware variant targets Payza online payment platform

New Citadel malware variant targets Payza online payment platform

AusCERT 2013: NBN users need security professionals’ help, says Google

U.S. power companies under frequent cyberattack

Related Whitepapers

NetApp FAS6240 Clustered SAN Champion of Champions

Detecting APT Activity with Network Traffic Analysis

ESG Whitepaper: Integrated Computing Platform Survey

Managing the Rapid Rise in Database Growth: 2011 IOUG Survey on Database Manageability

Vodafone Ireland Implements World-Class Service Excellence with HP BSM

Latest Stories

Telstra COO reveals restructure

Corporate website performance stuck in the 1990s: survey

In pictures: AusCERT 2013 Day One

CenITex to become service “broker”

Why change management doesn’t work

Community Comments

"Suggesting that people's "purpose is to get information to flow through the ..."

Why change management doesn’t work

"Darn those pesky laws that get in the way of commercial exploitation ..."

Larry Page wants to see your medical records

"Instead of partitioning the device between corporate and personal data, another approach ..."

Dual-Persona Smartphones Not a BYOD Panacea

"Well that's a nice back-handed compliment isn't it? So now, finally, my ..."

After two-year hiatus, EFF accepts bitcoin donations again

"Actually, both Mobile App developers and CIOs should be blamed for it. ..."

CIOs struggle to deliver timely mobile business apps: survey

Tags: Canon, security, Elcomsoft, encryption, data protection, fraud

Latest Blog Posts

Rory Gregg

Homeless multinationals and taxing decisions

Scott Stewart

IT sourcing: in or out?

Rob Livingstone

Avoiding your cloud vendor’s success trap

Whitepapers

IDC: Delivering Customer Value with Enterprise Flash Deployments
When it comes to flash, “one size does not fit all.” IDC examines recent flash trends in enterprise storage deployments. This includes: highlighting how SSDs are filling in gaps of existing storage systems when coupled with intelligent archiving and automated tiering, the pros and cons of different SSD approaches, and tips to overcome concerns of reliability, manageability and scalability.

Learn more »

Maximising productivity without sacrificing security
Advances in mobility and client computing technology combined with the ubiquity of the Internet and social media are creating a culture and desire for constant connectivity and anywhere access to information. As these trends extend from the home into the work place, IT managers should consider seriously the opportunities for increased productivity and communication with customers and constituents, as well as understand the increased security risks posed by online, anytime access to private networks and data. Read more.

Learn more »

Batten Down the Hatches! A Guide to Protecting Data in Motion
The risks facing high-speed data networks and unencrypted data while in motion are very real and on the rise. As information becomes one of the most valuable ‘off balance sheet’ assets, protection of that information and the investment in it is a paramount obligation of office-holders and management. Read now for a better understanding of the risks to data in motion.

Learn more »

All whitepapers

Most Read

Most Commented

1
10 Tips for Dealing with a Bully Boss
2
How to define the scope of a project
3
5 open source help desk apps to watch
4
Think Tank: Tips for IT strategic planning success
5
PMBOK vs PRINCE2 vs Agile project management

6
Opinion: Why national e-health is not for everyone
1
Dual-Persona Smartphones Not a BYOD Panacea
1
Larry Page wants to see your medical records
1
ACS to help redundant staff in Queensland
1
eBay bids on big data challenge

Get exclusive access to Invitation only events CIO, reports & analysis.
Sign up now »

Latest Jobs

FTLead Software EngineerSA

FTQuality ManagerSA

FTSenior Python Web Applications DeveloperNSW

FT.NET - Sitecore Developer - Melbourne - PermNSW

FTSenior Python DeveloperNSW

FTFlash / ActionScript Developer - ContractNSW

FTJob Title: Mac Systems/ Enterprise Systems EngineerNZ

FTOS Web Applications DeveloperNSW

FTSenior Python DeveloperNSW

FTR&D EngineerSA

Zones

Symantec Business Critical Virtualisation Content Zone
Visit zone »

BlackBerry Enterprise Service 10 Zone
Visit zone »

HP Tech Connect Resource Centre
Visit zone »

Featured Whitepapers

Tolly Report: Performance Survey of Virtual Environment Security

This report by Tolly tests the system resource requirements of competing vendor solutions when performing on-demand and on-access scanning functions, during distributed definition updates. Click to download how the four ...

Getting Real About Security Management and Big Data – A Roadmap for Big Data in Security Analytics

Unleashing the Power of Information

Saving Time and Money with Savvy Use of Flash in Automated Storage Tiering

Most Popular Whitepapers

1

Enable Flexible Working

The nature of work has changed fundamentally and forever and it continues to evolve rapidly. Geographic distance and ...

2
Legal Compliance in Electronic Record Keeping

3
Forrester: The Three Stages of Cloud Economics

4
How to Navigate Today’s Supply Chain Challenges

Recent comments

"Suggesting that people's "purpose is to get information to flow through the ..."
Why change management doesn’t work

"Darn those pesky laws that get in the way of commercial exploitation ..."
Larry Page wants to see your medical records

"Instead of partitioning the device between corporate and personal data, another approach ..."
Dual-Persona Smartphones Not a BYOD Panacea

"Well that's a nice back-handed compliment isn't it? So now, finally, my ..."
After two-year hiatus, EFF accepts bitcoin donations again

"Actually, both Mobile App developers and CIOs should be blamed for it. ..."
CIOs struggle to deliver timely mobile business apps: survey

Follow CIO

LinkedIn

Twitter

YouTube

Facebook

Newsletter

Market Place

Switch on The Symantec Business Critical Virtualisation Content Zone

Australian Breakfast Road Show: Enabling Proactive Security for Tomorrow's Business Trends

Register now for Gartner’s must attend event for Applications professionals.

Deploying mobility worthwhile challenge hear what CIOs have to say.. Read more

Now out of the office never means out of the loop. Office 365 – your complete office in the cloud.

Latest Jobs

Flash / ActionScript Developer - Contract

Job Title: Mac Systems/ Enterprise Systems Engineer

.NET - Sitecore Developer - Melbourne - Perm

OS Web Applications Developer

Senior Python Developer

Subscribe to CIO

Critical. Authoritative. Strategic. CIO magazine addresses the issues vital to the success of IT and business executives. Solutions-oriented editorial provides a greater understanding of the role IT plays in achieving corporate goals. Subscribe to the print edition today.

All

LinuxWorld

Computerworld

CIO

CSO Online

ARN

PODCAST

Download OPML file for import with all IDG RSS feeds

LinuxWorld News

LinuxWorld Technology List

Software Development by Computerworld

Business by Computerworld

Computerworld Business In-Depth

Security Alerts by Computerworld

Security Weekly by Computerworld

Linux & Open Source by Computerworld

Mobility & Wireless by Computerworld

Networking by Computerworld

Storage Solutions by Computerworld

Telecoms by Computerworld

.NET Centre

Careers by Computerworld

Computerworld Today

CIO Executive Briefing

CIO Government

CSO Online Data Security Briefing

ARN Daily

ARN PC and Components

Networking

ARN Security

Storage

ARN Mobility and Wireless

CIO Live (MP3) RSS Feed

CIO Live (WMA) RSS Feed

Computerworld Live (MP3) RSS Feed

Computerworld Live (WMA) RSS Feed

CSO

AusCERT 2013: Users, cats more likely hack culprits than cyber-espionage: Trustwave

AusCERT 2013: Home-electronics gear’s UPnP as insecure in Australia as rest of world: Metasploit

AusCERT 2013: Big data skills help beat the bad guys, says HP

In pictures: AusCERT 2013 Day One

Blue Coat Systems to acquire security analytics firm Solera Networks

Computerworld

Telstra COO reveals restructure

NBN Co's buys iiNet's FTTH network

In pictures: AusCERT 2013 Day One

Telcos to stop charging for 1800 calls from mobiles

WikiLeaks Party closer to registering

ARN

Telstra reveals mass restructure plans

Exclusive: Sophos hires Delaney to lead the channel

NBN Co buys TransACT FTTP network in ACT

Aussie start up launches online document platform

Certero going live for Green IT Awareness Week

CFO World

Apple defends offshore decisions that result in low taxes

Vodafone revenue and profit drop as European troubles continue

Apple to tell Senate it pays every cent of its taxes

Cash visibility tops list in first Asia-Pacific treasury report

Economy wide spending up in April

CMO

Canon appoints new GM of consumer marketing

Marketo raises US$79m in IPO listing

IBM's Watson: From game shows to game changer in the enterprise

Coping with brand management: Diageo’s story

IBM launches Watson customer service smart bot